Tag: technology

Questions Related to technology

In the following code snippet, how should a pointer be deleted int main (int argc, char argv[]) { char j=new char[100]; j=argv[1]; int k=atoi(j); /delete here/ return 0; }
technology security

  1. delete j

  2. free j

  3. it is not supposed to be deleted

  4. delete [] j

Show answer
Correct Option: D

A program wants to do some activities with root privileges when it starts up and shuts down. Other activities it does can be done as a lesser privileged user. Which of the options given below is most secure?
technology security

  1. The program should be started with root privileges. Then it should use setuid(UID) to change privileges between root and another account.

  2. The program should be started with root privileges. Then it should use seteuid(UID) to change privileges between root and another account.

  3. Starting the program as root is a security risk. The program should run with least privileges and obtain root using seteuid(UID) whenever necessary.

  4. The program has to run with root privileges entirely. Once root privileges are dropped they cannot be regained.

Show answer
Correct Option: B

What value is stored in *leaf in the program given below? int *myfunc(int tree) { int *node; int i=rand(); if(0==tree/pow(2,i)) node=&tree; else node=&i; return node; } int main(int argc, char * argv[]) { int *leaf; leaf=myfunc(7); }
technology security

  1. value of tree

  2. value of node

  3. value of i

  4. garbage-- its a dangling pointer

Show answer
Correct Option: D

The following code is part of a system daemon that is run with elevated privileges. It opens a temp file in /tmp directory as a cache. Is there an issue in this code sample? Please assume that filling up /tmp is not an issue here. int outfile = fopen(“/tmp/cache_data”, O_WRONLY | O_CREAT | O_TRUNC, 0600);

technology security

  1. Since the file name is hard coded, fopen() will fail if the file already exists

  2. 0600 is not a secure option. The parameter 0600 should be changed to 0666

  3. Attackers can exploit by creating a symboling link /tmp/cache_data that points to a system file

  4. Attackers can exploit the application's cache by writing directly to /tmp/cache_data

Show answer
Correct Option: C

Is writing to an already freed memory a vulnerability? x = malloc(200); /* do something with x / free (x); / do something else */ strcpy(x, “somedata”);

technology security

  1. Overwriting freed memory is a security vulnerability

  2. Depends on the application and how important “somedata” is

  3. This will result in a buffer overflow since the freed memory location cannot handle 8 characters of data “somedata”

  4. strcpy() will fail as it cannot write to already freed memory, and the application will crash

Show answer
Correct Option: A

What is FDDI ?
technology

  1. Fiber Data Distributed Interface

  2. Fiber Distributed Data Interface

  3. Fiber Distributed Digital Interface

  4. Fiber Digital Ditributed Interface

Show answer
Correct Option: B

What is ICMP ?
technology

  1. Internet Connection Messgae Protocol

  2. Internet COntrol messgae protocol

  3. Internet Control Management Protocol

  4. Internet Control Messgae Protocol

Show answer
Correct Option: D

What is LDAP ?
technology

  1. Lightweight Directory Access Protocol

  2. Lightweight Data Access Protocol

  3. Lightweight Distributed Access Protocol

  4. LightWeight Access Protocol

Show answer
Correct Option: A

What is SNMP ?
technology

  1. Synchronous Network Management Protocol

  2. Simple Network Management Protocol

  3. Simple Network Message Protocol

  4. Simple Network Messaging Protocol

Show answer
Correct Option: B

what is DHCP ?
technology

  1. Digital Host Connection Protocol

  2. Digital Host Configuration Protocol

  3. Dynamic Host Connection Protocol

  4. Dynamic Host Configuration Protocol

Show answer
Correct Option: D